Both kinit and adjoin fail to acquire inital ticket on HP-UX

On HP-UX the port assignment for the kerberos service in /etc/services doesn't correspond to the names published by IANA.org.

The port assignments published by IANA [http://www.iana.org/assignments/service-names-port-numbers] are:


kerberos 88 tcp Kerberos
kerberos 88 udp Kerberos
kerberos-iv 750 udp kerberos version iv


On HP-UX the service name "kerberos" is assigned to port 750 for both TCP and UDP while port 88 is associated with the service name "kerberos5".

There are two ways to workaround this problem:

1. Change the service names in /etc/services to be in line with IANA.

2. Use static configuration in /etc/krb5.conf and explicitly note port 88 for the kdc parameter under the [realms] section, e.g.


[realms]
AD01.ACME.COM = {
kdc = ad01.acme.com:88
}

Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: June 28, 2019